Deeplinks Blog posts about Cyber Security Legislation

Wednesday, the House Permanent Select Committee on Intelligence marked up the Cyber Intelligence Sharing and Protection Act (CISPA), the misguided “cybersecurity” bill that would create a gaping exception to existing privacy law while doing little to address palpable and pressing online security issues. The markup was held entirely behind closed doors—even though the issues being considered will have serious effects on the liberty of Internet users—and was passed out of the committee.

This means the bill can go to the floor and be voted on at anytime. Please tell your Representative now to vote no on CISPA. We probably have only a few days left before the floor vote.

In the last three months alone, the House has released three different cybersecurity bills and has held over seven hearings on the issue. In addition, the House Judiciary Committee floated changes to the Computer Fraud and Abuse Act (CFAA)—the draconian anti-hacking statute that came to public prominence after the death of activist and Internet pioneer Aaron Swartz.

Last Monday, a number of organizations, companies, and individuals came together for a Week of Action against the dangerous cybersecurity bill, CISPA. Though thousands of people answered our call to action, the fight is far from over.

Under CISPA, companies can collect your information in order to "protect the rights and property" of the company, and then share that information with third parties, including the government, so long as it is for "cybersecurity purposes." Companies aren't required to strip out personally identifiable information from the data they give to the government, and the government can then use the information for purposes wholly unrelated to cybersecurity – such as "national security," a term the bill leaves undefined.

One question we sometimes get is: Under CISPA, which government agencies can receive this data? For example, could the FBI, NSA, or Immigration and Customs Enforcement receive data if CISPA were to pass?

Thirty-seven digital rights groups and businesses have come together this week to urge the White House to defend privacy and promise to veto the dangerous cybersecurity bill CISPA. Such legislation poses a number of privacy risks to individuals, allowing levels of information sharing between companies and the government that supersede existing privacy laws. Privacy advocates aren't the only ones speaking out against CISPA; online companies like Reddit and Mozilla, as well as web hosts like Gandi and Namecheap, have chosen to stand up for their users' rights rather than support ill-defined legislation.